Authorization Interfaces
The following interfaces are used with authorization applications.
In this section
| Topic | Description |
|---|---|
| IAzApplication |
Defines an installed instance of an application. An IAzApplication object is created when an application is installed. |
| IAzApplication2 |
Inherits from the IAzApplication interface and implements additional methods to initialize IAzClientContext2 objects. |
| IAzApplication3 |
Provides methods to manage IAzRoleAssignment, IAzRoleDefinition, and IAzScope2 objects. |
| IAzApplications |
Represents a collection of IAzApplication objects. |
| IAzApplicationGroup |
Defines a collection of principals. |
| IAzApplicationGroup2 |
Extends the IAzApplicationGroup interface by adding support for the BizRule group type. |
| IAzApplicationGroups |
Represents a collection of IAzApplicationGroup objects. |
| IAzAuthorizationStore |
Defines the container that is the root of the authorization policy store. |
| IAzAuthorizationStore2 |
Inherits from the AzAuthorizationStore object and implements methods to create and open IAzApplication2 objects. |
| IAzAuthorizationStore3 |
Extends the IAzAuthorizationStore2 interface with methods that manage business rule (BizRule) support and caching. |
| IAzBizRuleContext |
Contains information about a Business Rule (BizRule) operation. |
| IAzBizRuleInterfaces |
Provides methods and properties used to manage a list of IDispatch interfaces that can be called by business rule (BizRule) scripts. |
| IAzBizRuleParameters |
Provides methods and properties used to manage a list of parameters that can be passed to business rule (BizRule) scripts. |
| IAzClientContext |
Maintains the state that describes a particular client. |
| IAzClientContext2 |
Inherits from the IAzClientContext interface and implements new methods that manipulate the client context. |
| IAzClientContext3 |
Extends the IAzClientContext2 interface. |
| IAzNameResolver |
Translates security identifiers (SIDs) into principal display names. |
| IAzObjectPicker |
Displays a dialog box that allows users to select one or more principals from a list. |
| IAzOperation |
Defines a low-level operation supported by an application. |
| IAzOperation2 |
Extends the IAzOperation with a method that returns the role assignments associated with the operation. |
| IAzOperations |
Represents a collection of IAzOperation objects. |
| IAzPrincipalLocator |
Locates and chooses Active Directory Application Mode (ADAM) principals in Authorization Manager. |
| IAzRole |
Defines the set of operations that can be performed by a set of users within a scope. |
| IAzRoleAssignment |
Represents a role to which users and groups can be assigned. |
| IAzRoleAssignments |
Represents a collection of IAzRoleAssignment objects. |
| IAzRoleDefinition |
Represents one or more IAzRoleDefinition, IAzTask, and IAzOperation objects that specify a set of operations. |
| IAzRoleDefinitions |
Represents a collection of IAzRoleDefinition objects. |
| IAzRoles |
Represents a collection of IAzRole objects. |
| IAzScope |
Defines a logical container of resources to which the application manages access. |
| IAzScope2 |
Extends the IAzScope interface to manage IAzRoleAssignment and IAzRoleDefinition objects. |
| IAzScopes |
Represents a collection of IAzScope objects. |
| IAzTask |
Describes a set of operations. |
| IAzTask2 |
Extends the IAzTask interface with a method that returns the role assignments associated with the task. |
| IAzTasks |
Represents a collection of IAzTask objects. |
| IeAxiService |
Initializes a system service object to install an ActiveX object when the current user does not have permission to install the object. |
| IeAxiServiceCallback |
Called by the IeAxiSystemInstaller interface to verify that an ActiveX object can be installed. |
| IeAxiSystemInstaller |
Installs an ActiveX object. |
| IEffectivePermission |
Provides a means to determine effective permission for a security principal on an object. |
| IEffectivePermission2 |
Provides a way to determine effective permission for a security principal on an object. |
| ISecurityInformation |
Enables the access control editor to communicate with the caller of the CreateSecurityPage and EditSecurity functions. |
| ISecurityInformation2 |
Enables the access control editor to obtain information from the client that is not provided by the ISecurityInformation interface. |
| ISecurityInformation3 |
Provides methods necessary for displaying an elevated access control editor when a user clicks the Edit button on an access control editor page that displays an image of a shield on that Edit button. |
| ISecurityInformation4 |
Enables the access control editor (ACE) to obtain the share's security descriptor to initialize the share page. |
| ISecurityObjectTypeInfo |
Provides a means of determining the source of inherited access control entries (ACEs) in discretionary access control lists (DACLs) and system access control lists (SACLs). |
Authorization interfaces are categorized according to usage as follows:
Access Control Editor Interfaces
The following interfaces are used with the access control editor.
- IEffectivePermission
- ISecurityInformation
- ISecurityInformation2
- ISecurityInformation3
- ISecurityObjectTypeInfo
ActiveX Installer Interfaces
ActiveX Installer provides the following interfaces.
Authorization Manager Interfaces
Authorization Manager provides the following interfaces.
- IAzApplication
- IAzApplication2
- IAzApplication3
- IAzApplications
- IAzApplicationGroup
- IAzApplicationGroup2
- IAzApplicationGroups
- IAzAuthorizationStore
- IAzAuthorizationStore2
- IAzAuthorizationStore3
- IAzBizRuleContext
- IAzBizRuleInterfaces
- IAzBizRuleParameters
- IAzClientContext
- IAzClientContext2
- IAzClientContext3
- IAzNameResolver
- IAzObjectPicker
- IAzOperation
- IAzOperation2
- IAzOperations
- IAzPrincipalLocator
- IAzRole
- IAzRoleAssignment
- IAzRoleAssignments
- IAzRoleDefinition
- IAzRoleDefinitions
- IAzRoles
- IAzScope
- IAzScope2
- IAzScopes
- IAzTask
- IAzTask2
- IAzTasks